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METHOD FOR VERIFYING USER MEMORY VALIDITY IN 

OPERATING SYSTEM 

BACKGROUND OF THE INVENTION 

1. Field of the Invention 

[1] The invention relates to an operating system which can be embedded in 
communications equipment. 

2. Background of the Related Art 

[2] Generally, an OS (Operating System) provides various high level functions so 
that various software operations may be managed and performed effectively. In addition, the 
OS performs services for user processes generated in respective application programs 
through a Kernel real-time multi-managing system which manages resources, such as a disk, a 
printer, a terminal, or communication equipment. 

[3] When a user process generates a system call requiring OS service while 
operating a user program, the Kernel in the OS accesses an address area where data can 
be exchanged with the user process, and the OS then executes read/write functions with 
the data in order to exchange the data with the user processes. However, before the 
process is performed, the OS verifies the user memory validity in order to ensure the 
stability of the system operation and to protect Kernel resources from user access errors. 
In other words, if a real page is already allocated in the address area accessed by the OS 



as user memory, the address area cannot be used as the -user memory, thus the validity of 
the user memory should be verified before the OS begins to exchange data. 

[4] Related art computer systems have OS where the address areas of the 
Kernel and of the user are different from each other. However, the OS installed on 
communications equipment coexists with the user area in a parallel address area. 
Therefore, if the Kernel accesses the memory area of the user in this OS environment, the 
Kernel is able to directly access the memory area without changing the address area. In 
other words, the Kernel is able to access the memory area without changing MMU 
(Memory Management Unit) data. 

[5] Figure 1 is a schematic diagram of a related art OS provided for a user process. 
The related art user process of Figure 1 includes text, data, heap, and stack areas in the 
memory, and the user process performs a system call in order to receive Kernel service from 
the OS. If the called user process requires an OS function, the virtual address area of the 
user buffer is transmitted to the Kernel. At that time, a memory error in the user process may 
generate a fatal error in the Kernel. Therefore, in order to prevent such an error, the Kernel 
determines whether the address of the user buffer is valid. 

[6] As described above, in order to ensure system stability, the OS protects the 
resources of the Kernel from an access error via a user using memory protection process. 
Generally, the Kernel assumes that any user may make an error and provides memory 
protection service to each user. Therefore, the data area of each user (buffer) goes through 
the validity verifying process before being used in the Kernel A first related krt method for 



verifying the validity of memory areas consists ■ of searching the memory management 
structure allocated to the user application by the OS. A second related art method of 
verifying memory validity consists of searching an MMU structure by changing a virtual 
address into a real address. 

[7] To verify memory validity by searching an allocated memory management 
structure, when the user application asks the OS for permission to use the memory, the OS 
stores and manages the information in the memory in a certain structure set as a virtual 
address. The structure stores a start address number and the size of the allocated memory, in 
addition to the real memory information, and therefore the validity of the allocated memory 
is determined by searching the structure. 

[8] The first related art memory validity verification method is suitable for cases 
where the number of searched structures is small because the allocation form of the memory 
is simple. However, in the case of a telecommunication system in which the allocation and 
termination of the memory happens frequently due to the nature of the telecommunication 
protocol, the first related art memory validity verification method is not suitable because the 
number of executed searches, where Log N : N designates the size of the entire structure, 
becomes larger. 

[9] The second related art memory validity verification method is divided into a 
software based search, and a hardware based search in which the MMU hardware performs 
all searching functions automatically. The software based search allows the real address 
searching to be freely constructed by the developer of the OS, but it may affect the OS 



functioning. The hardware based search can be done by either a table lookup search, a 
hashing search, or a segment search method. 

[10] For the hardware based search, the table lookup method of searching stores 
mapping information in a table form, which implements the memory mapping information. 
In addition, the table area which is mapped is searched successively. The hashing method 
of searching is a method by which the structure is searched by changing the address using a 
certain hash function. The searching speed of this method is the fastest However, the 
hashing method is complex due to the hash function and the size of the bucket The 
complexity is further increased due to the overhead in case the corresponding structure is not 
found in the first bucket, whereby a secondary bucket should be used to find the 
corresponding structure. Such complexity increases the time to complete a hash method 
search. 

[11] The segment method of searching is advantageous for certain types of 
searches because of the difficulties with mapping a plurality of memories. The segment 
method is performed similarly to the page method of searching in accordance with applied 
processors. 

[12] As described above, problems with the conventional methods for verifying 
memory validity are due to the functioning of the method being varied by the hardware 
structure implementing the search, and the complexity of the search algorithym reducing the 
verifying speed. In addition, when a fault or a conflict is generated by a memory error in 
the Kernel, the OS is unable to respond appropriately and crashes or locks-up. 



SUMMARY OF THE INVENTION 

[13] An object of the invention is to solve at least the above problems and/or 
disadvantages and to provide at least the advantages described hereinafter. 

[14] Another object of the invention is to provide a method for verifying user 
memory validity in an OS by a simple memory approach, and which is capable of dealing 
with a panic status generated in the Kernel area. 

[15] Another object of the invention is to provide a simplified method for verifying 
the validity of user memory in an OS. 

[16] Another object of the invention is to provide a method of verifying the validity 
of user memory in an OS which does not lock-up or crash the OS when a memory error is 
discovered. 

[17] Another object of the invention is to provide a method for verifying user 
memory validity and a method for processing a fault in the Kernel area which may be 
generated during the process of verifying memory validity. 

[18] Another object of the invention is to provide a method for verifying user 
memory validity which is suitable for an OS environment in which the OS address area and 
the address area of user application are parallel, that is, the OS is able to access the address 
area of user application which is being operated without additionally changing the address. 
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[19] Another object of the invention is to provide a method for processing a fault 
in the Kernel area which can be embodied in a general OS environment, and is not limited to 
a specific OS environment. 

[20] Another object of the invention is to provide a method for verifying user 
memory validity which includes performing a system call and declaring validity checking 
function as a safeguard, identifying whether the validity checking function is declared as the 
safeguard by calling an exception processor if the user memory area is not valid, calling a 
safeguard exception processor and identifying an identifier of the safeguard exception 
processor if the validity checking function is in the safeguard area, recognizing that the 
subject of the process is the validity checking function by the safeguard exception processor, 
and identifying whether the function is defined in the system through the identifier of the 
safeguard, and processing the validity checking function as defined in the system which 
performs the process of the function, if the validity checking function is defined in the 
system. 

[21] To achieve these and other objects, there is provided a method for verifying 
user memory validity in an OS according to embodiments of the invention including the 
steps of performing a system call and declaring a certain code area (function) as a safeguard, 
detecting the user buffer validity by using the user buffer address checking function declared 
as the safeguard, identifying whether the user buffer address checking function is declared as 
the safeguard by calling an exception processor if the user buffer address area is not valid, 
identifying an identifier of the safeguard by calling the safeguard exception processor when 



the user buffer address checking function is identified as. the function in the safeguard area, 
identifying whether the user buffer checking function is defined in the system by identifying 
the safeguard identifier, and returning the error value to the user process if the user buffer 
address checking function is defined in the system. 

[22] Another object of the invention to provide a computer-readable medium 
having stored thereon a sequence of instructions which, when executed by a processor, cause 
the processor to at least perform the steps of generating a system call, declaring a 
safeguard function, verifying validity of a user buffer using a user buffer address 
checking function declared as the safeguard function, determining whether the user buffer 
address checking function is declared as the safeguard function by calling an exception 
processor, if the user buffer address area is not valid, establishing an identifier of the 
safeguard function by calling a safeguard exception processor, if the user buffer address 
checking function is identified as a function in the safeguard area, confirming whether the 
user buffer address checking function is defined in the system by identifying the 
safeguard function identifier, and returning an error value to the user process if the user 
buffer address checking function is defined in the system. 

[23] The foregoing and additional advantages, objects, and features of the invention 
will be set forth in part in the detailed description of the invention which follows, when 
taken in conjunction with the accompanying drawings and in part will become apparent to 
those having ordinary skill in the art upon examination of the following, or may be learned 
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from practice of the invention. The objects and advantages of the invention may be 
realized and attained as particularly pointed out in the appended claims. 



BRIEF DESCRIPTION OF THE DRAWINGS 

[24] The invention will be described in detail with reference to the following 
drawings in which like reference numerals refer to like elements wherein: 

[25] Figure 1 is a schematic diagram of a related art OS provided for a user process; 

and 

[26] Figure 2 is a flow chart of a method for verifying user memory validity in an 
OS according to an embodiment of the invention. 



DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS 

[27] Figure 2 is a flow chart showing a method for verifying a user memory validity 
in an OS according to an embodiment of the invention. The invention includes the kernel 
executing read/write functions to the real address area and verifying whether the area is valid. 
To start the memory verification of Figure 2, in step S10 the user process generates a system 
call in order to acquire OS service functioning, and in step Sll identifies whether user buffer 
exists. The reason why kernel identifies existence of user buffer is that not all processes share 
the memory area. 

[28] If a user buffer exists, in step S12 the Kernel declares certain functions as a 
safeguard in order to verify the validity of the user buffer. The safeguard is a software system 
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structure which ensures the stability of the OS by confining the influences of any fault 
generated by the Kernel to the corresponding user process or function. The user process is 
one of applications performed under OS environment. 

[29] In step SI 3, the Kernel calls the user buffer address checking function from 
those functions located in the area declared as a safeguard. The user buffer address checking 
function verifies the validity of the user buffer, namely the Kernel detects whether the user 
buffer has a valid address and whether the user buffer permits the Kernel's access (read or 
write). The user buffer address checking function comprises a page detecting function and a 
page accessing function. 

[30] The page detecting function detects the presence of a page in the 
corresponding user buffer using the number and the length of the user buffer address. The 
page accessing function then determines whether the user buffer is valid by sequential access 
(read/write) to the address area of the detected page in step S14. The step S13, S14 verifying 
the validity of a user buffer according to the present invention is performed without using a 
MMU (Memory Management Unit) Table. 

[31] If it is determined that the user buffer is valid in step S14, the Kernel returns a 
success value for the read/write functions and revokes the declared safeguard in step SI 5, 
S17. Alternatively, if it is determined in step S14 that the user buffer is not valid, namely, in 
case that the user buffer address checking function generates the fault during operation, the 
Kernel calls the exception processor in step S16. The Exception processor is a processor to 
treat a fault generated while OS performs a service for user process. In step S21, the 



exception processor determines whether the user buffer address checking function is one of 
functions declared as a safeguard. If the user buffer address checking function is a function 
declared as a safeguard, the Kernel calls the Safeguard exception processor in step S22. The 
Safeguard exception processor is a processor to treat a fault of function declared as a 
Safeguard. If the user buffer address checking function is not a function declared as a 
safeguard, the fault is processed by the exception processor. 

[32] When a safeguard exception processor is called, it identifies the safeguard 
identifier in step S23. The safeguard identifier is an identification number assigned to each 
safeguard area. By identifying the safeguard identifier, the safeguard exception processor 
determines the function in which the fault is generated. After that, the safeguard exception 
processor determines in step S24 whether the user buffer address checking function is a 
system defined function. If the user buffer address checking function is not one of functions 
defined by system, the safeguard exception processor interrupts the functioning of the user 
process in step S25 and exits the user process in step S27. However, if the user buffer 
address checking function is one of functions defined by system, the safeguard exception 
processor returns the error value to the user process in step S26 and exits the process in step 
S27, which ends the operation of system call. 

[33] Returning the error value to the user process in step S26 is a process which 
depends on the assumption that the fault is generated in the user buffer address checking 
function. The safeguard exception processor assigns certain processes to the corresponding 
fault according to errors and faults in the Kernel area. 
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[34] The kernel determines in step SI 8 whether the Return value forwarded from 
step S14 and S16 is a success value. If the Return value is a success value, the Kernel 
performs corresponding services for the user process in step SI 9. If the Return value is not a 
success value, the kernel gives warning to the user process in step S20. 

[35] As described above, a preferred embodiment of the invention verifies user 
memory validity by simple memory read/write function, thus increasing process speed. In 
addition, any faults generated in the Kernel area can be easily processed using the safeguard 
functions. 

[36] The foregoing embodiments and advantages are merely exemplary and are not 
to be construed as limiting the present invention. The present teaching can be readily applied 
to other types of apparatuses. The description of the present invention is intended to be 
illustrative, and not to limit the scope of the claims. Many alternatives, modifications, and 
variations will be apparent to those skilled in the art. In the claims, means-plus-function 
clauses are intended to cover the structures described herein as performing the recited 
function and not only structural equivalents but also equivalent structures. 
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